There's no question that the attack has cost Sony millions of dollars and tarnished the electronic giant's strong brand. For the first week after the attack, Sony was mostly silent on the matter while it investigated the attack. Ever since its Sunday press conference though, the company has been on a public relations assault to win over upset customers and even members of Congress.

On Thursday for example, Sony published three posts on the PlayStation blog. The first was an announcement stating that it had begun "the final stages of internal testing of the new [PlayStation Network and Qriocity] system," one of the last milestones before PSN returns to millions of PlayStations worldwide. The second post announced that Sony would be offering identity theft protection to U.S. customers. Sony is giving away a one-year subscription to "AllClear ID Plus," which provides personal data protection and a $1 million insurance protection program.

The third and final blog post is actually a letter from Sir Howard Stringer, Sony's CEO. In the letter, Stringer apologizes to customers "for the inconvenience and concern caused by this attack," explains what steps Sony is taking to restore service. It also reiterates Sony's position that "there is no confirmed evidence any credit card or personal information has been misused."

The following is an excerpt from his letter:

"As a company we — and I — apologize for the inconvenience and concern caused by this attack. Under the leadership of Kazuo Hirai, we have teams working around the clock and around the world to restore your access to those services as quickly, and as safely, as possible.

I know some believe we should have notified our customers earlier than we did. It’s a fair question. As soon as we discovered the potential scope of the intrusion, we shut down the PlayStation Network and Qriocity services and hired some of the best technical experts in the field to determine what happened. I wish we could have gotten the answers we needed sooner, but forensic analysis is a complex, time-consuming process. Hackers, after all, do their best to cover their tracks, and it took some time for our experts to find those tracks and begin to identify what personal information had — or had not — been taken."

Fighting Off Another Attack

As Sony recovers from the attack that breached its servers, it must simultaneously appease customers, addresses congressional concerns and fend off a potential hacker attack.

The planned attack seems to be the most immediate concern facing Sony. According to CNET, hackers are telling people on Internet Relay Chat (IRC) that they intend to attack Sony's website sometime this weekend and publicly release any information they can take from Sony's servers. These hackers already claim to have access to some of Sony's servers and data.

Another successful attack would be a devastating blow to Sony's credibility. Customer trust in Sony's ability to protect their data would all but disappear, and that's simply something the company cannot afford. For its part, Sony has been working around the clock to beef up its security in case of a follow-up attack.

The technology giant has already responded to Congress in an eight-page letter. It details the attack and what steps Sony is taking to increase its security. The letter also revealed that "Anonymous" may have planted a note on PlayStation's servers. Anonymous, a loosely organized group of hackers known for its attacks against Scientology and other targets, has denied involvement.

As for the subpoena from the New York Attorney General, Sony says that it will review and respond to the request.

Regaining the Trust of Customers

With its heightened security measures, Sony has the capability to fend off hackers. It can also likely satisfy Congress with its explanation of what happened, especially if credit card information wasn't accessed. However, regaining customer trust will be a big challenge that could take months or even years.

Sony didn't win points for taking days to inform and reassure PlayStation Network customers about the outage. We understand why Sony waited so long to respond, but even a daily blog post saying it was working on restoring service day and night and conducting an investigation into what happened would have gone a long way to soothing customers.

Sony has made the right moves since then, though. It is giving customers a month of free service and a year of free identity theft protection. It is hiring a Chief Information Security Officer and a security team to make sure this type of incident never happens again. And most of all, it is communicating with customers on a daily basis.

If Sony can keep its servers safe from hackers, it may be able to recover from this disaster. The big question is whether customers will trust Sony with their data once the PlayStation Network is back online.

Mashable
is a global, multi-platform media and entertainment company. Powered by its own proprietary technology, Mashable is the go-to source for tech, digital culture and entertainment content for its dedicated and influential audience around the globe.